Cisco Web_security_virtual_appliance
9 CVEs affecting Cisco Web_security_virtual_appliance. Latest disclosed: 2017-07-25. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-6751 | High | 7.5 | 2017-07-25 | A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic fro… |
CVE-2017-6750 | High | 7.5 | 2017-07-25 | A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privilege… |
CVE-2017-6748 | Medium | 6.7 | 2017-07-25 | A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and eleva… |
CVE-2017-6749 | Medium | 5.4 | 2017-07-25 | A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored c… |
CVE-2015-6290 | | 2015-09-14 | Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted re… | |
CVE-2015-6287 | | 2015-09-14 | Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic tha… | |
CVE-2015-4217 | | 2015-06-26 | The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (… | |
CVE-2015-4216 | | 2015-06-26 | The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (… | |
CVE-2014-2137 | | 2014-04-02 | CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP header… |